Probably the simplest phishing trick in the world

Many popular browsers are affected by a vulnerability that makes it easy to spoof the content of websites, security firm Secunia warns.

Features built into browsers makes it possible for malicious websites to change the content of pop-up windows created by trusted websites such as online banks. Users would have no inkling that potentially hostile content has been injected into a pop-up window. Exploits rely on misusing browser functionality rather than taking advantage of a software bug. Thomas Kristensen, Secunia’s chief technology officer, described the problem as “perhaps the simplest phishing trick yet.”